2,070 Actions

Does AES CTR mode store header information in encrypted files?What research have you done? Counter mode is described in many places, including on Wikipedia, in a NIST standards document, and in textbooks. Have you checked those places to see what they say about this? I think you'll find a number of different ways of nonce management described there.

Witness and Commitment in Commitment schemesWhat research have you done? Have you read standard textbooks on commitment schemes? This is a very basic level question, and should be settled by reading standard references. I expect you to do a significant amount of research/self-study on your own before asking; this site is not a replacement for that.

Cryptographic data structure: sparse array without membership test1. Are you looking for a history-independent data structure? I suspect that's the term used in the literature for this concept. There is lots of work in the crypto literature on history-independent data structures for various purposes. 2. What does the attacker get to see? Does the attacker only get to see the state of the data structure after all get/set operations have completed? Or can he see its state at various points along the way?

Encrypted database: how to deal with general queries?Please try to stick to one question per question. I see two questions: (a) how does the industry deal with encrypted databases? (b) is there anything that simulates somewhat homomorphic encryption? Question (a) is too broad. Question (b) is not well-defined (what do you mean by "at least simulate somewhat") so probably not suitable for this site in its current form. What research have you done? Have you looked at CryptDB (which has seen some deployment in industry)?

Forward pseudorandom permutationThe question is unclear. What vectors? Where did those come from? What does it mean to have the same permutation at the server, in both vectors? I can't follow you. Try editing your question. Specify what is known to each party, what the inputs from each party are, and what the desired output to each party is. Also specify the trust model.

On the privacy of perfect hash functionsDo you have a reference? Perfect hash functions in computer science, as normally studied, have nothing to do with cryptography and don't promise to provide any privacy or any other security properties.

Change Salt when Changing Password?@SteveJessop, I confess I'm not sure if I understand all the details of your scenario. You are aware that you can't start building the rainbow table until you know the salt, and that salts and password hashes are usually not public, right? Are you assuming multiple separate breaches of the password database, and that the user has changed their password in between? That's a pretty rare scenario to target. See my answer for more details.